From cdef5ed27c98f017fa988b9f84cf175a81af789f Mon Sep 17 00:00:00 2001
From: i701 <idhaan701@outlook.com>
Date: Sun, 27 Jul 2025 10:50:40 +0500
Subject: [PATCH] =?UTF-8?q?feat(admin):=20add=20AdminTopupCreateView=20for?=
 =?UTF-8?q?=20admin=20top-up=20functionality=20=E2=9C=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 billing/urls.py  |  2 ++
 billing/views.py | 41 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+)

diff --git a/billing/urls.py b/billing/urls.py
index 340bea9..b7edb6d 100644
--- a/billing/urls.py
+++ b/billing/urls.py
@@ -11,6 +11,7 @@ from .views import (
     TopupDetailAPIView,
     CancelTopupView,
     ListWalletTransactionView,
+    AdminTopupCreateView,
 )
 
 urlpatterns = [
@@ -37,6 +38,7 @@ urlpatterns = [
         VerifyTopupPaymentAPIView.as_view(),
         name="verify-topup-payment",
     ),
+    path("admin-topup/", AdminTopupCreateView.as_view(), name="admin-topup"),
     path(
         "topup/<str:pk>/cancel/",
         CancelTopupView.as_view(),
diff --git a/billing/views.py b/billing/views.py
index 5629c28..b2f5e65 100644
--- a/billing/views.py
+++ b/billing/views.py
@@ -595,6 +595,47 @@ class CancelTopupView(StaffEditorPermissionMixin, generics.UpdateAPIView):
         return super().update(request, *args, **kwargs)
 
 
+class AdminTopupCreateView(StaffEditorPermissionMixin, generics.CreateAPIView):
+    queryset = Topup.objects.all().select_related("user")
+    serializer_class = TopupSerializer
+
+    def create(self, request, *args, **kwargs):
+        data = request.data
+        user_id = data.get("user_id")
+        amount = data.get("amount")
+        if not getattr(request.user, "is_admin", False):
+            return Response(
+                {"message": "You are not authorized to perform this action."},
+                status=status.HTTP_403_FORBIDDEN,
+            )
+        if not user_id:
+            return Response(
+                {"message": "user_id is required."},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+        if not amount:
+            return Response(
+                {"message": "amount is required."},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+        user = User.objects.filter(id=user_id).first()
+        if not user:
+            return Response(
+                {"message": "User not found."},
+                status=status.HTTP_404_NOT_FOUND,
+            )
+        topup = Topup.objects.create(amount=amount, user=user)
+        description = f"Topup of {amount} MVR (Cash)"
+        WalletTransaction.objects.create(
+            user=user,
+            amount=amount,
+            transaction_type="TOPUP",
+            description=description,
+        )
+        serializer = TopupSerializer(topup)
+        return Response(serializer.data, status=status.HTTP_201_CREATED)
+
+
 class ListWalletTransactionView(StaffEditorPermissionMixin, generics.ListAPIView):
     serializer_class = WalletTransactionSerializer
     queryset = WalletTransaction.objects.all().select_related("user")